4f13c1969f742e22bb7297f99a9de338f60e366811760a7c37331dfaa4bc6521

Sharing

Copy URL Twitter E-mail

General

Target

4f13c1969f742e22bb7297f99a9de338f60e366811760a7c37331dfaa4bc6521
Size

69KB
MD5

1f840061de3f9693188dfa1668abbf1f
SHA1

700a555165aef4b15868ceb089cd9ffb4552cfe7
SHA256

4f13c1969f742e22bb7297f99a9de338f60e366811760a7c37331dfaa4bc6521
SHA512

2f82ec071bb9dce9c0bc0f12e71d85a892689baeb7e00925e83a34b0877212be9c2f3401120a0f1fdc680d38bac33c1a02fff94be90f14ed5db38c9b77cea223
SSDEEP

1536:hkCL50KR7O+VY291ZffafIof/lW1L3OHrwBF1lF8y:hkC2Kz1fzQrwFlmy

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
4f13c1969f742e22bb7297f99a9de338f60e366811760a7c37331dfaa4bc6521

Files

4f13c1969f742e22bb7297f99a9de338f60e366811760a7c37331dfaa4bc6521
.dll windows:4 windows x86 arch:x86

2250355e46b8f0a8591ed60edc268611

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

c:\cygwin\home\wiFiRel10Int-Owl\wiFiInstaller\Setup2\BundleSetup\BundleCustomActions\Release\BundleCustomActions.pdb

Imports

msi

ord70
ord74
ord145

kernel32

DeleteFileW
lstrcmpiA
GetVersionExA
InterlockedDecrement
InterlockedIncrement
WideCharToMultiByte
MultiByteToWideChar
InterlockedExchange
InitializeCriticalSection
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
ExitProcess
RtlUnwind
RaiseException
GetCurrentThreadId
GetCommandLineA
HeapFree
HeapAlloc
LCMapStringA
GetLastError
LCMapStringW
GetCPInfo
GetStringTypeA
GetStringTypeW
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
GetModuleFileNameA
TlsAlloc
SetLastError
TlsFree
TlsSetValue
TlsGetValue
GetProcAddress
GetModuleHandleA
SetUnhandledExceptionFilter
TerminateProcess
GetCurrentProcess
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
HeapDestroy
HeapCreate
VirtualFree
UnhandledExceptionFilter
WriteFile
VirtualAlloc
HeapReAlloc
IsBadWritePtr
GetLocaleInfoA
VirtualProtect
GetSystemInfo
VirtualQuery
HeapSize
IsBadReadPtr
IsBadCodePtr
LoadLibraryA
GetACP
GetOEMCP
SetFilePointer
SetStdHandle
FlushFileBuffers
CloseHandle

user32

MessageBoxW

shell32

ShellExecuteW

advapi32

RegQueryValueExA
RegOpenKeyExA
RegEnumKeyExA
RegCloseKey

Exports

Exports

CheckOS
ClrFindRelativeProducts
Install
OpenListOfReq
PostFindRelativeProducts
PreUninstall

Sections

.text
Size: 46KB - Virtual size: 46KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 10KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

2250355e46b8f0a8591ed60edc268611

Headers

File Characteristics

PDB Paths

Imports

msi

kernel32

user32

shell32

advapi32

Exports

Exports

Sections

.text Size: 46KB - Virtual size: 46KB

.rdata Size: 10KB - Virtual size: 9KB

.data Size: 4KB - Virtual size: 10KB

.reloc Size: 7KB - Virtual size: 7KB

.text
Size: 46KB - Virtual size: 46KB

.rdata
Size: 10KB - Virtual size: 9KB

.data
Size: 4KB - Virtual size: 10KB

.reloc
Size: 7KB - Virtual size: 7KB